CVE-2025-48700

6.1 MEDIUM

📋 TL;DR

A Cross-Site Scripting (XSS) vulnerability in Zimbra Collaboration's Classic UI allows attackers to execute arbitrary JavaScript in users' sessions by sending specially crafted emails. This can lead to session hijacking, data theft, and unauthorized actions within the affected user's account. All Zimbra Collaboration users running versions 8.8.15, 9.0, 10.0, or 10.1 with Classic UI enabled are affected.

💻 Affected Systems

Products:
  • Zimbra Collaboration (ZCS)
Versions: 8.8.15, 9.0, 10.0, 10.1
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Classic UI. Modern UI (Ajax) may not be vulnerable. Requires user to view malicious email in Classic UI.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete account takeover, data exfiltration, lateral movement within the organization, and installation of persistent backdoors.

🟠 Likely Case: Session hijacking leading to unauthorized email access, contact list theft, and potential credential harvesting via phishing.

🟢 If Mitigated: Limited impact due to proper email filtering, user awareness, and security controls preventing malicious emails from reaching users.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires sending a crafted email to the target user. No authentication is needed to send the email, but the attacker needs the target's email address.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Zimbra Security Advisories for specific patch versions

Vendor Advisory: https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

Restart Required: Yes

Instructions:

1. Check Zimbra Security Advisories for patch details.
2. Apply the latest security patch for your version.
3. Restart Zimbra services.
4. Verify patch installation.

🔧 Temporary Workarounds

Disable Classic UI (linux)

Force all users to use Modern UI (Ajax), which may not be vulnerable:

    zmprov mcf zimbraFeatureClassicEnabled FALSE
    zmmailboxdctl restart

Enhanced Email Filtering (all platforms)

Implement strict HTML/JavaScript filtering at the email gateway.

🧯 If You Can't Patch

  • Implement strict Content Security Policy (CSP) headers to limit script execution
  • Deploy web application firewall (WAF) with XSS protection rules

🔍 How to Verify

Check if Vulnerable:

Check Zimbra version and verify if Classic UI is enabled. Vulnerable if running affected versions with Classic UI active.

Check Version:

su - zimbra -c 'zmcontrol -v'

Verify Fix Applied:

Verify patch installation via the version check, then test with a safe XSS test payload in a test email viewed in Classic UI.

📡 Detection & Monitoring

Log Indicators:

  • Unusual email patterns with HTML/JavaScript content
  • Multiple failed login attempts from the same session
  • Unexpected outbound connections from Zimbra server

Network Indicators:

  • Suspicious email attachments with HTML content
  • Unusual SMTP traffic patterns

SIEM Query:

source="zimbra.log" AND ("script" OR "javascript" OR "@import") AND "email_view"
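One way to implement the gateway-side HTML/JavaScript filtering listed under Temporary Workarounds, and to produce the kind of log indicator the SIEM query above searches for, as an added example (Python, not Zimbra's or this page's own code): it scans an HTML mail body for inline script, event-handler attributes, script-scheme URIs and CSS @import. The two sample bodies and the example.invalid host are constructed for the demonstration.

```python
from html.parser import HTMLParser
import re
# Constructed sample bodies (not real Zimbra messages): one carrying active content, one plain.
RISKY_BODY = (
    '<html><body><p>Quarterly report attached.</p>'
    '<img src="cid:logo" onerror="x()">'
    '<a href="&#106;avascript:void(0)">open</a>'
    '<style>@import url(http://example.invalid/x.css);</style>'
    '<script>/* ... */</script></body></html>'
)
CLEAN_BODY = '<p>Quarterly report attached.</p><a href="https://example.invalid/">open</a>'
JS_URI = re.compile(r"^\s*(javascript|vbscript|data)\s*:", re.I)  # scheme-based script URIs
CSS_ACTIVE = re.compile(r"@import|expression\s*\(", re.I)        # CSS that loads or runs code

class ActiveContentScanner(HTMLParser):
    DANGEROUS_TAGS = {"script", "iframe", "object", "embed", "svg", "base", "meta", "link", "form"}
    URL_ATTRS = {"href", "src", "action", "formaction", "data", "xlink:href"}
    def __init__(self):
        super().__init__()  # default convert_charrefs=True, so "&#106;avascript:" is decoded
        self.findings = []
        self._style = None  # text buffer while inside a <style> element
    def handle_starttag(self, tag, attrs):
        if tag in self.DANGEROUS_TAGS:
            self.findings.append(f"tag:{tag}")
        if tag == "style":
            self._style = []
        for name, value in attrs:  # HTMLParser lowercases names and decodes entities in values
            value = value or ""
            if name.startswith("on"):  # inline event handler
                self.findings.append(f"handler:{tag}@{name}")
            elif name in self.URL_ATTRS and JS_URI.match(value):
                self.findings.append(f"uri:{tag}@{name}")
            elif name == "style" and CSS_ACTIVE.search(value):
                self.findings.append(f"css:{tag}@{name}")
    def handle_data(self, data):
        if self._style is not None:
            self._style.append(data)
    def handle_endtag(self, tag):
        if tag == "style" and self._style is not None:
            if CSS_ACTIVE.search("".join(self._style)):
                self.findings.append("css:style-block")
            self._style = None

def scan_html(body):
    """Return the findings for one HTML body; an empty list means nothing was flagged."""
    scanner = ActiveContentScanner()
    scanner.feed(body)
    scanner.close()
    return scanner.findings
```

A gateway would strip or quarantine a message with any finding and log the finding list, which gives the SIEM a structured field to match instead of raw body text. Because attribute values are entity-decoded before matching, the encoded `&#106;avascript:` link in the sample is still caught.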
